Network Security
system security Linux network
system security Linux network The romanticized image of the digital nomad – a laptop on a sun-drenched balcony – rarely accounts for the actual friction of maintaining a professional development environment on the move. . The friction is amplified with Linux. We are looking for a setup that respects our kernel configurations, handles volatile network handovers, and maintains a strict security posture without the hand-holding of a consumer-grade OS – so, put simply, more than just a laptop and a sunny deck. The hardware is...
May 26, 2026
Server Securityopen-source Linux administration
open-source Linux administration Cron has existed in Unix and Linux environments for decades, handling backups, cleanup scripts, patching jobs, log rotation, monitoring tasks, and other maintenance work that administrators do not want to run manually. Most Linux servers rely on it constantly, which is exactly why attackers continue abusing it for persistence after a system has already been compromised. . Persistence through cron is not complicated. Attackers do not need a rootkit or advanced malware framework to maintain...
May 25, 2026
Vendors/Productssecurity breach linux
security breach linux A major internal repository breach at GitHub has exposed a critical and overlooked blind spot in Linux supply chain security. Kernel exploits, exposed SSH services, weak firewall rules, and vulnerable daemons dominated the Linux threat model for years, and in many environments, they still matter. But recent supply-chain incidents involving GitHub ecosystems, npm packages, and malicious developer tooling point somewhere else entirely: the developer workstation. . The breach matters because...
May 21, 2026
Security Trends access control multi-tenant
access control multi-tenant Linux administrators often face an ugly choice in the cloud: prioritize convenience and cost-efficiency by sharing infrastructure, or sacrifice those benefits for the sake of total isolation. Most modern Linux workloads don't live on their own private servers anymore. They live in shared environments like Kubernetes clusters, where multiple teams and services run side-by-side. It sounds efficient, and it usually is. . But cloud isolation isn't as ironclad as it looks on the diagram. If you...
May 21, 2026
Vendors/Productsincident response cloud security
incident response cloud security Managed Extended Detection and Response (MXDR) has become one of the most sought-after security services in the enterprise market — and with good reason. It promises the holy grail: broad visibility across endpoints, network, cloud, email, and identity, combined with the 24/7 human expertise most organizations simply cannot build in-house. . However, the rapid growth of the market has produced a wide range of providers whose capabilities vary considerably beneath the surface. Choosing the...
May 19, 2026
Refine news
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security news
We found -1 articles for you...
76
cybersecurity initiativeopen source securityvulnerability disclosureCISA's Secure By Design Initiative and Its Impact on Cybersecurity
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This development aims to address the increasing cybersecurity threats individuals and organizations face. . This article highlights the efforts of companies such as Microsoft, Google, and Apple to prioritize security by default in their products. These security measures include encryption, multi-factor authentication, and automatic security updates. What Does This Initiative Involve & What Are the Implications for Cybersecurity? There has been a significant development in the tech industry as nearly 70 tech and cybersecurity companies commit to integrating default security features into their products. This "secure by design" pledge aims to enhance the baseline security of tech products and address vulnerabilities right from the point of sale. The initiative is led by the Cybersecurity and Infrastructure Security Agency (CISA) and supported by major companies, including Microsoft, IBM, and Amazon Web Services. This proactive move emphasizes the importance of cybersecurity in today's digital landscape and the need for secure software practices. According to the CISA, the goals of this initiative include: Increase the use of multi-factor authentication (MFA) across their products; Reduce default passwords across their products; Reduce one or more entire classes of vulnerabilities; Increase the installation of security patches by customers; Publish a vulnerability disclosure policy (VDP) that authorizes testing by members of the public on products, commits to not recommending or pursuing legal action against anyone engaging in good faith efforts to follow the VDP, provides a clear channel to report vulnerabilities, and allows for public disclosure in line with coordinated vulnerability disclosure best practices and standards; Demonstrate transparency in vulnerability reporting by including accurate Common Weakness Enumeration (CWE) andCommon Platform Enumeration (CPE) fields in every CVE record for their products – and issue CVE in a "timely manner," at least for critical and high-impact bugs; and Make it easier for customers to spot evidence of intrusions affecting their products. Open Source: Pioneering the 'Secure-by-Design' Revolution As Linux admins, infosec professionals, internet security enthusiasts, and sysadmins, this development is significant as it demonstrates a proactive approach to cybersecurity. We know the benefits of built-in security, a key part of the open-source development model . Open-source software has publicly accessible code that anyone can view and contribute to, fostering thorough review by a vibrant worldwide community and resulting in the rapid detection and elimination of security issues. Software vulnerabilities cause the vast majority of breaches, and the initiative to embed security features directly into products could greatly reduce these risks. Embracing the open-source model would further enhance the inherent security of software developed under the secure-by-design initiative. The partnership between tech companies and cybersecurity experts to create more robust security features is particularly noteworthy. One security researcher states, "This collaborative effort will help address complex security challenges and lead to more resilient products." This collaboration is crucial in bridging the gap between theoretical security practices and real-world implementation. It raises questions about how this collaborative effort will impact the overall security landscape and whether it will result in a more standardized approach to security across different products. Another aspect to consider is the long-term consequences of this initiative. While embedding security features in products is a positive step, it could also create a false sense of security among users. One cybersecurity consultant warns, "Relying solely on built-in security features may lead users to believe they areinvulnerable to attacks." This raises concerns about user complacency and the need for ongoing education and awareness campaigns to ensure that users understand the limitations of these built-in security measures. Moreover, although the tech companies involved have signed the CISA's secure-by-design pledge, it is crucial to note that their commitments are voluntary. There are currently no measures in place to ensure that those who have signed on will hold up their end of the agreement. This is a critical consideration, as it is one thing to say you will adhere to a commitment and another to honor it in actuality. More must be done to ensure that companies uphold their promise to provide users with foundationally secure software. The impact of this initiative on security practitioners is significant. It could streamline security practices and reduce the burden of continuously patching vulnerabilities . However, it also raises concerns about vendor lock-in and the potential for companies to monopolize the security software market. As open-source advocates, it is essential to interrogate how this initiative aligns with the principles of openness, transparency, and collaboration that are the foundation of Linux and other open-source technologies. Our Final Thoughts on This Push for Built-in Security This initiative is a promising development in the tech industry. While it brings a positive shift towards proactive cybersecurity measures, it also raises questions about collaboration, a false sense of security, compatibility, and the balance between convenience and robustness. As security practitioners, it is crucial to critically analyze these implications and continue advocating for open-source practices and user education to strengthen overall security. . Leading technology firms are emphasizing integrated safety measures to address increasing cyberattack risks.. Secure By Design, Cybersecurity Practices, Open Source Security. . Dave Wreski
May 09, 2024
•
Organizations/Events
76
innovationmachine learningtech collaborationLinux Foundation Launches LF Deep Learning Foundation for AI Growth
The Linux Foundation has launched the LF Deep Learning Foundation, an umbrella organisation which will support and sustain open source innovation in artificial intelligence, machine learning, and deep learning. The organisation will strive to make these critical new technologies available to developers and data scientists everywhere, said a statement published by LF.. Founding members of LF Deep Learning include Amdocs, AT&T, B.Yond, Baidu, Huawei, Nokia, Tech Mahindra, Tencent, Univa, and ZTE, among others. LF Deep Learning, members are working to create a neutral space where makers and sustainers of tools and infrastructure can interact and harmonise their efforts and accelerate the broad adoption of deep learning technologies. The link for this article located at AnalyticsIndia is no longer available. . The AI Innovation Coalition strives to enhance collaborative development in artificial intelligence, uniting builders to foster advancement in this domain.. Deep Learning Foundation, Open Source AI, Linux Foundation, Machine Learning Innovations, Tech Collaboration. . Brittany Day
Apr 26, 2018
•
Organizations/Events
67
national securitycryptographygovernment surveillanceRobert Hannigan's Call for Crypto Backdoors in Tech Collaboration
Writing that "privacy has never been an absolute right," Robert Hannigan, the head of British spy agency GCHG, urged the US tech sector to assist the fight against terrorism and other crimes by opening up their proprietary networks to government authorities.. Hannigan, in a Financial Times editorial on Monday, suggested that "technology companies are in denial" over the Internet's use "to facilitate murder or child abuse." He wrote that the time was ripe for "addressing some uncomfortable truths" and went on to say the public wouldn't mind if technology companies gave governments backdoor access either.. Hannigan urges technology companies to establish crypto gateways to enhance national defense and efficiently combat criminal activities.. Crypto Backdoors,Cybersecurity Policy,Government Surveillance. . LinuxSecurity.com Team
Nov 05, 2014
•
Cryptography
79
data protectionphishingsecurity solutionGoogle And Facebook Team Up To Combat Email Scams: Phishing Protection
Google, Facebook and other big tech companies are jointly designing a system for combating e-mail scams known as phishing. Such scams try to trick people into giving away passwords and other personal information by sending e-mails that look as if they come from a legitimate bank, retailer or other business. . When Bank of America customers see e-mails that appear to come from the bank, they might click on a link that takes them to a fake site mimicking the real Bank of America's. There, they might enter personal details, which scam artists can capture and use for fraud. The link for this article located at USA Today is no longer available. . Major tech companies collaborate to develop strategies that combat online fraud, safeguarding users' confidential information and data from malicious attacks.. Phishing Protection, Email Security Solutions, Tech Collaboration. . LinuxSecurity.com Team
Jan 31, 2012
•
Security Projects
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
Discover faster search, smarter navigation, and deeper Linux security insights. Read More